Modpod – Growth Marketing & Digital Strategy

The Regulators are Coming. What Martech can learn from Fintech.

Regulators

If you think about how violently most of the basic functions of your life were uprooted between 2008 and 2012, the relative stasis of standard financial functions in that period could be seen as strange. I took my first Uber ride and signed up for both Spotify and Netflix in 2012. But in 2012 my bank was a 100 year old company. Sure, they had a clunky app, but the basic structure of my financial life hadn’t changed in the same way as had my transport, music and TV consumption.

If you think about how violently most of the basic functions of your life were uprooted between 2008 and 2012, the relative stasis of standard financial functions in that period could be seen as strange. I took my first Uber ride and signed up for both Spotify and Netflix in 2012. But in 2012 my bank was a 100 year old company. Sure, they had a clunky app, but the basic structure of my financial life hadn’t changed in the same way as had my transport, music and TV consumption.

In the past 5 years though, Fintech is booming. Fintech startup funding grew 574% from 2014 to 2018, in the same time that total VC funding grew just 150%. Blockchain funding grew 1,844%. Digital banks seem to be popping up every other week, either as challenger startups or offshoots of major banks. Venmo type money transfers are commonplace between friends and family at dinner together, while TransferWise and others overthrow the status quo for transfers between friends and family across the globe.

Data from Crunchbase including all funding types.

The financial services industry is among the most universally regulated, creating large barriers to entry for  startups and regulatory hurdles for technological innovation. Douglas Arner’s work on the intersections of Fintech and regulation makes the case that the Global Financial Crisis (GFC) created an environment in which public trust in traditional financial institutions disintegrated, and was exceeded by trust in big technology firms. Coupled with tighter regulation on traditional banks, such as the Dodd Frank Wall Street Reform in the US, new opportunities for innovation in financial services bubbled.

Restrictions on low-tier lending drove individuals and SME’s to unregulated P2P lending platforms. Banking services like payments, transfers, and different forms of current accounts began to be offered outside of the regulated financial services structure, either in the form of siloed products like Venmo, or incorporated into other pervasive technology products such as Apple Pay or GrabPay. In Europe, the Payment Services Directive (PSD2), regulation which went into effect in 2018, paved the way for tech startups to have better access to their customers’ banking data which will fuel their innovation beyond the abilities of traditional players.

With regulators now breathing down the neck of the marketing technology gatekeepers – Facebook, Google and Amazon in the West, Tencent and Alibaba in the East – those in the Martech space can learn from the developments in Fintech, about how to thrive in the highly regulated world of managing sensitive data, trust and risk. The learnings are important for both startups developing Martech offerings, as well as companies pursuing competitive advantage through advancements in marketing tracking and analytics.

Facebook regulation
Mark Zuckerberg faces the brunt of oncoming regulation in Martech.

 

The Martech Wild West

The advancement of tracking technology in digital marketing has been a wild west, purposely obscured from user understanding and regulator oversight. My work with Modpod centres around driving growth strategy through analysis of precise interactions in the complete customer lifecycle across devices and platforms, between marketing tools, ad platforms, in-product and even in-store. In my experience, many companies employing these technologies through 3rd party vendors are even unaware of how they support questionable user tracking, either directly or through the various tracking codes and SDKs in their product that direct their user data to data brokers stitching together complex profiles of users across all aspects of their lives.

I founded Modpod to help companies professionalise their data-driven engagement, growth architecture, and lean process. To be ahead of the curve and responsible working in this space means bringing a discussion on tracking and analytics to the core of company strategy, instilling brand values and user centricity into marketing and product decisions. Our study of Fintech’s development in a highly regulated environment highlights 2 key learnings for Martech moving into a new era of transparency, privacy and data security.

 

1. Transparency and security innovation

Hype around blockchain technology has often been clouded by hype around cryptocurrency. However the projection for a blockchain market in the realm of $US2.3 billion by 2021 is driven by applications where transparency and security is key. That could include driving a regulated digital exchange platform, identifying investors in tokenised securities in order to automate regulatory processes for the investor’s jurisdiction, or even tracking authenticity of luxury goods.

Similarly, the push for open banking has been saturated in debates about data security and consent for consumers, and the requirement of data transparency on the part of financial institutions in order to stimulate innovation and competition. These issues are so baked into the financial services industry structure that firms are unable to define the rules of play without regulator leadership, rather than the other way around. This could be the future for Martech, where precise rules and protocols on tracking and data sharing aim to protect consumers and stimulate competition, necessitating detailed joint consultation between industry and regulators to pave the way forward.

 

 

What does it mean for Martech?

Expect a greater push for tracking standards and ad fraud prevention.
Every digital marketer is familiar with the experience of their ad analytics not reconciling between platforms. Ad farms, pixel stuffing, botnets and ad stacking are all rampant methods of ad fraud, but more frustratingly, these often cannot be distinguished from less nefarious differences in tracking protocols between platforms. The application of blockchain tech to address this industry-wide problem is advancing fast. For example, some blockchain driven ad platforms are centred around fighting ad fraud like Lucidity and Adbank.

Marketers should be looking to new solutions like this to avoid the obscurity in their analytics. At the same time, brands should take responsibility on behalf of their users by demanding transparency on the tracking technologies they employ through 3rd parties, and pass that transparency on to their users.

 

Expect a user-centric model of identity and consent.
GDPR (discussed further below) was the start of an important shift towards empowering consumers in deciding how their data is used. This development will likely be slow, but companies like Civic and uPort are showing how blockchain-driven identity verification can both include users to a greater degree in the management of their identity data between vendors, and improve data accuracy for businesses at the same time. Paypal has also invested in this space seeing an opportunity to fuel consumer-owned identity management for financial transactions.

An elephant in the room is the growth of Martech companies that pool customer data to enable user identity resolution across platforms and devices. Companies like Branch and Appsflyer offer this kind of technology out of the box. While some of the most pervasive Martech software like Marketo, Salesforce, Oracle and Adobe Marketing Cloud partner with identity resolution specialists like LiveRamp. In these systems each company’s user data is shared into a pool that helps other companies to stitch together a single identity across any interaction when a user hasn’t explicitly authenticated themself. The pooled data is of course anonymised of unique personal identifiers, but does that really matter if there is enough data to reliably identify an individual? Numerous academic studies have shown that as few as 4 metadata points are needed to uniquely identify over 90% of individuals.

Marketers need to think about how their data use will become central to their product offering, and should treat those decisions with the same level of user-centric thinking they do the rest of their product. Identifying users is important for marketers to be able to deliver tailored and relevant experiences. In the open banking debates consumer groups often call for more open data sharing to allow for better, cheaper consumer products. The caveat is that the user should have control over how that data is shared, and Fintech regulation is on the path of ensuring that. It can be expected to go the same way in marketing identity sharing and user consent. Marketers should represent their users’ interests, rather than wait for regulators to force them to.

Regulation in Martech
Facebook? Google? Alibaba? Equifax? Axciom?

 

2. Regulation Strategy and RegTech

Security of the financial system is core to the idea of a nation-state, as trust in the currency, interest rates, and savings and investments with financial institutions supports the economy. For that reason, a long, developed history of financial sector regulation has been instilled in Fintech innovation. While Dodd-Frank in the US enabled shifting consumer behaviour that benefited some startups, it also bogged down many potential innovations in myriad regulatory hurdles, as described by Adena Hefets.

“Today, banking companies need to comply with governance and risk monitoring set by the Federal Reserve Board and the Office of the Comptroller of the Currency. Companies also need to comply with the Consumer Financial Protection Bureau for oversight of non-banking activities. There is also third party risk monitoring, data quality rules, security mandates, know your customer regulations, anti-money laundering compliance, liquidity reserve mandates… and the list goes on.”

Hefets outlines two Fintech strategies to tackle this challenge:

1. Think niche and move quickly.
This entails finding a less regulated area of Fintech to scale in to achieve traction, attract funding and establish a brand before moving into higher-regulated areas. An interesting take on this strategy is targeting growth in less regulated regions. Arner describes the rise of Fintech in Africa and Asia Pacific, where consumers have been historically underbanked. In less than 5 years, payments in Kenya through the mobile payment service M-Pesa surpassed 43% of the country’s GDP, leading to closer supervision from the central bank. Similarly Alipay processed 175 million transactions per day in 2016 while avoiding being defined as a bank, and therefore not regulated like a bank.

2. Think big and move slowly.
Tackling large challenges in Fintech can put startups ahead of the pack in navigating the regulatory landscape. But the many hurdles will mean launching products will move slowly. Payments processor Stripe even frame their product around taking on the challenges of “financial institutions, regulators, payment networks, banks and consumer wallets” so businesses don’t have to.

Out of this environment emerged the metanexus of tech sectors – Regtech. The suite of software services that help the financial industry deal with monitoring, compliance and reporting more effectively and efficiently. Not only do these services enable Fintechs to navigate their regulatory requirements, but the increased data flow in Regtech also allows regulators to leverage better and more real-time risk analysis in administering and enforcing financial regulations.

 

What does it mean for Martech?

A few key developments already in 2019:

  • Mark Zuckerberg recently called for GDPR-like regulation in the US, as has Apple CEO Tim Cook. The CEO of one of the underbelly players of digital data brokering, Axciom, has said GDPR is just the beginning.
  • Oracle (a data brokering and identity resolution powerhouse in itself) is dragging Google through a complaints process with the Australian Competition and Consumer Commission (ACCC) claiming it obscures exactly what data it collects from Android users’ phones and purposely obfuscates the process for users to opt-out.
  • Google was fined €50 million for breach of EU data privacy (GDPR) laws (albeit that pales in comparison to their €4.7 billion fine 2018 for antitrust breach).

Marketers can expect that as data privacy laws become more robust, dealing with data management will become more burdensome, slowing down the launch for digital marketing initiatives and implementation of new marketing technology. With models of explicit consent and minimum necessary data collection, some marketers will be incentivised to find methods of subversion like manufacturing plausible reasons for collecting certain data to obscure the real tracking and data aggregation reasons. A common example of this today is the prompt that most social media networks give users to add a phone number for security purposes, ticking the explicit consent and reasonable data usage boxes in one go.

LinkedIn's phone capture. Is this actually keeping users MORE secure?

Companies that put user data rights at the core of their brand might rather put effort into illustrating consumer benefits of data sharing. This behaviour can be seen today when publishers detect Adblocker software in browsers and either request or force users to disable it or alternatively subscribe to their mailing list.

Wired's polite request to let them track you.

 

Some predict that use of 3rd party data will become more and more difficult as regulation matures, which is likely good news for smaller businesses that don’t have the funds or capacity to make use of large sets of 3rd party data. With respect to 2nd party data platforms used for better targeting and stitching together 1st party data, explicit consent is going to become more and more important. Especially for smaller businesses, data can often end up in software platforms that weren’t part of the user’s consent lifecycle, or shouldn’t be used in certain ways. Modpod helps companies align Martech systems and internal processes so that team members have user-centric data privacy built into their way of executing marketing initiatives. In our work we expect that new service providers will form a kind of Regtech for the marketing data privacy industry. We’re taking suggestions on the official naming for this industry. Pritech? Anti-creeptech?

Data and privacy academic and one of the leading commentators on the current privacy wars debate, Kalev Leetaru, wrote a whopping piece in 2018 about the shady world of data brokering. One argument put forward was that Facebook has become a scapegoat in the privacy wars, due to its consumer omnipresence. But Facebook in fact is relatively forthcoming about the data they collect and purchase, compared to the vast data brokerage network that fuels the Martech industry.

The debates happening in courtrooms, competition commissions and congressional hearings today are the tip of the iceberg. Ask any Fintech founder and they’ll tell you how their whole business can hang on the outcomes of these drawn out debates. Businesses looking to drive their growth through the data they collect will increasingly be forced to bring their data tracking and privacy issues to boardroom-level, and eventually, face great risk in failure to comply with regulation across the globe. The first step in preparing for this shift is to take control of how the technology stack collects, processes, stores and moves data, to start to make decisions about how that is done with the user at heart.

Ben Posetti is the Founder of Modpod, a growth marketing and digital strategy consultancy.

www.posetti.com

More from the blog